Search found 521 matches

by JDunphy
Thu Feb 06, 2020 9:07 pm
Forum: Administrators
Topic: Uptick in base64 encoded SPAM
Replies: 3
Views: 870

Re: Uptick in base64 encoded SPAM

What I am seeing is the email subject and body are base64 encoded. It seems that no checking is being performed on them as they fly straight through two different anti-spam systems I have in play. Interesting, base64 sounds to be a reasonable spam hit as it would be obfuscating the subject line IMO...
by JDunphy
Wed Feb 05, 2020 1:13 am
Forum: Community News
Topic: February 2020 Zeta Alliance Weekly Call Summaries
Replies: 9
Views: 6118

Re: February 2020 Zeta Alliance Weekly Call Summaries

Thanks Randy. These call summaries are very much appreciated.

PS. That is fantastic news with regard to Synacor giving Barry the Channel Evangelist role. I look forward to seeing some of his how-to articles.
by JDunphy
Tue Feb 04, 2020 6:35 pm
Forum: Administrators
Topic: Uptick in base64 encoded SPAM
Replies: 3
Views: 870

Re: Uptick in base64 encoded SPAM

SA doesn't have any issue with base64 and their rules do run against it. They won't run against if it's an attachment of course but for html or text, they have no problem. Perhaps you could begin to look for patterns when its base64. Here is one we do. full __J_BASE64_HACK /=D[01]=[A-F0-9][A-F0-9][A...
by JDunphy
Sat Feb 01, 2020 10:53 pm
Forum: Administrators
Topic: SA rule updates with sha1 checksums to stop on March 1, 2020
Replies: 3
Views: 1669

Re: SA rule updates with sha1 checksums to stop on March 1, 2020

Hi Jim, Thanks very much for this. 8.8.15 Patch 4 ships with SpamAssassin 3.4.1. Are you running Network Edition and if so can you open a support case with Zimbra? Hi Mark, Yes I am. Ticket has been opened with them. Given this seems to be a problem across all platforms, upgrading SA can be done vi...
by JDunphy
Sat Feb 01, 2020 7:28 pm
Forum: Administrators
Topic: SA rule updates with sha1 checksums to stop on March 1, 2020
Replies: 3
Views: 1669

SA rule updates with sha1 checksums to stop on March 1, 2020

If you are running spamassassin 3.4.1 or older, new rule updates will fail on March 1, 2020 when the rule checksums will no longer be hashed as sha1. You will require a /opt/zimbra/common/bin/sa-update with sha256/sha512 support to pull updated and new rules. What does this mean? No further rule upg...
by JDunphy
Wed Jan 29, 2020 6:20 pm
Forum: Administrators
Topic: Encrypted PDFs
Replies: 4
Views: 1625

Re: Encrypted PDFs

I thought I would share my solution since I have a new mobile app that likes to encrypt pdf's and I wasn't going to keep releasing it from quarantine. While the newer clamav updated with 8.7.11.p14 has the concept of encrypted docs vs encrypted archives, that isn't enough granularity when you just w...
by JDunphy
Wed Jan 29, 2020 2:03 pm
Forum: Administrators
Topic: Spam quarantine?
Replies: 2
Views: 473

Re: Spam quarantine?

Most likely they were dropped if they scored over 15 and you didn't see them delivered to the junk folder of the user. You can verify by doing something like this: % grep -i blocked /var/log/zimbra.log | awk '{print $22,$12}' | sort 48.131, <4383-238-65151-1330-anna=example.com@mail.dancklion.us> 48...
by JDunphy
Thu Jan 16, 2020 7:19 pm
Forum: Administrators
Topic: Weird SSL Certificate issue even though valid certs are installed
Replies: 6
Views: 1187

Re: Weird SSL Certificate issue even though valid certs are installed

Weirdly again I get an error on the hostname as part of the output of the command you posted: The hostname is correct. DNS is correct. You should not be getting a connection error on the hostname you provided ... double check via netstat that you have something on port 443 for hostname:443. It shou...
by JDunphy
Thu Jan 16, 2020 6:24 pm
Forum: Administrators
Topic: Weird SSL Certificate issue even though valid certs are installed
Replies: 6
Views: 1187

Re: Weird SSL Certificate issue even though valid certs are installed

Weird... Run this against nginx and then work backwards from there depending on results. % openssl s_client -connect mail.example.com:443 | openssl x509 -noout -dates depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Au...
by JDunphy
Fri Dec 06, 2019 4:23 pm
Forum: Administrators
Topic: Zimbra to Zimbra migration/upgrade, options?
Replies: 9
Views: 3318

Re: Zimbra to Zimbra migration/upgrade, options?

Thank you for a great topic discussion. I will have this in front of me also. I am currently at 8.7.11 which is end of life Dec 31, 2019 but 8.8+ appears to raise stability issues that we don't want our users to experience according to various reports in these forums. As a result, I am probably goin...

Go to advanced search